import grails.plugin.springsecurity.SpringSecurityUtils
import grails.plugin.springsecurity.rest.RestAuthenticationFilter
import grails.rest.render.json.JsonRenderer
import middol.auth.MiddolRestAuthenticationFilter
import middol.log.MiddolAuditRequestResolver
import middol.auth.MiddolAccessTokenJsonRenderer
import middol.auth.MiddolAuthenticationFailureHandler
import middol.auth.MiddolAuthenticationSuccessHandler
import middol.auth.MiddolCustomUserDetailsService
import middol.auth.MiddolTokenAccessDeniedHandler
import middol.auth.User
import middol.auth.UserPasswordEncoderListener
import middollogicaldelete.PreQueryListener

import javax.servlet.http.HttpServletResponse

// Place your Spring DSL code here
beans = {
    restAuthenticationFilter(MiddolRestAuthenticationFilter) {
        def conf = SpringSecurityUtils.securityConfig
        authenticationManager = ref('authenticationManager')
        authenticationSuccessHandler = ref('restAuthenticationSuccessHandler')
        authenticationFailureHandler = ref('restAuthenticationFailureHandler')
        authenticationDetailsSource = ref('authenticationDetailsSource')
        credentialsExtractor = ref('credentialsExtractor')
        endpointUrl = conf.rest.login.endpointUrl
        tokenGenerator = ref('tokenGenerator')
        tokenStorageService = ref('tokenStorageService')
        authenticationEventPublisher = ref('authenticationEventPublisher')
        requestMatcher = ref('restAuthenticationFilterRequestMatcher')
    }

    //自定义多种登录方式
    userDetailsService(MiddolCustomUserDetailsService)

    userPasswordEncoderListener(UserPasswordEncoderListener)

    // 过滤敏感数据
    userRenderer(JsonRenderer, User) {
        excludes = ['password']
    }

    def conf = SpringSecurityUtils.securityConfig

    restAuthenticationSuccessHandler(MiddolAuthenticationSuccessHandler) {
        renderer = ref('accessTokenJsonRenderer')
    }

    restAuthenticationFailureHandler(MiddolAuthenticationFailureHandler) {
        statusCode = conf.rest.login.failureStatusCode?: HttpServletResponse.SC_UNAUTHORIZED
    }

    restAccessDeniedHandler(MiddolTokenAccessDeniedHandler) {
        errorPage = null //403
    }

    accessTokenJsonRenderer(MiddolAccessTokenJsonRenderer){
        usernamePropertyName = conf.rest.token.rendering.usernamePropertyName
        tokenPropertyName = conf.rest.token.rendering.tokenPropertyName
        authoritiesPropertyName = conf.rest.token.rendering.authoritiesPropertyName
        useBearerToken = conf.rest.token.validation.useBearerToken
    }

//    auditListener(AuditEventListener)
//    hibernateEventListeners(HibernateEventListeners) {
//        listenerMap = ['post-insert': auditListener,
//                       'post-update': auditListener,
//                       'pre-delete' : auditListener]
//    }

    logicalDeletePreQueryListener(PreQueryListener)

    auditRequestResolver(MiddolAuditRequestResolver)

}
